$realUser = mysql_query("SELECT Username FROM my_db WHERE Username = $user ");This is not storing the $user value to $realUser. I am correctly using $_REQUEST to retrieve the value for $user from a form, and I am connected to my database. I understand there is an issue with PHP variables in a query, can someone please tell me how I could make this work?
Sorry, I meant it's not storing the query using the $user variable to the $realUser
Try this:
$realUser_q = mysql_query("SELECT Username FROM my_db WHERE Username = $user ") or die(mysql_error()); $realUser=mysql_fetch_array($realUser_q); //above sets the $realUser[] Array //example usage: $realUser['mysql_column_name'] echo $realUser['Username'];Hope that helps answer the question.
Looking at your query, I guess $user is a string. So
$realUser_q = mysql_query("SELECT Username FROM my_db WHERE Username = $user ") or die(mysql_error());will generate an error. You have to put single quotes around $user. ie.,
$realUser_q = mysql_query("SELECT Username FROM my_db WHERE Username = '$user'") or die(mysql_error());You don't need single quotes if you are querying with integers. ie.,
$realUser_q = mysql_query("SELECT Username FROM my_db WHERE Userid = $userid ") or die(mysql_error());Hope thats clear!
First, I'd like to say I really appreciate the replies. I have tried single quotes, no error is given, but nothing is stored in $realUser. What does _q at the end of the variable do?
First, I'd like to say I really appreciate the replies. I have tried single quotes, no error is given, but nothing is stored in $realUser. What does _q at the end of the variable do?
If nothing is stored, then maybe $user is empty. Try this and let us know what it prints.
$realUser_q = "SELECT Username FROM my_db WHERE Username = '$user'"; echo $realUser_q; $realUser_r = mysql_query($realUser_q) or die(mysql_error());And as for your second question, _q don't do anything. Its just another variable.
Okay here's what I'm doing exactly. I'm taking a field from a form called user and storing it in the variable $user. Then, I'm looking for $user in my_db and storing it is $realUser. I am then comparing the two to see if the username they entered exists.
I have echo $realUser; in the script and it returns nothing, this is how I know it's not working.
Can you post your code here ? And don't echo $realUser, echo $realUser_q.
This is after requesting the user and pass variables and setting the con variable with a connection to my_db:
if(!$con) { die('Could not connect: ' . mysql_error()); } mysql_select_db("my_db", $con); $realUser = mysql_query("SELECT Username FROM my_db WHERE Username = $user"); echo $realUser; if(!($user == $realUser)) { echo "No Such User"; } else { $realPass = mysql_query("SELECT Password FROM my_db WHERE Username = '$user'"); if($pass != $realPass) { echo "Incorrect password"; } elseif($pass == $realPass) echo "Welcome!"; }I know this is about to get torn apart. I know I should've used != , but I wasn't sure what the problem was, so I tried some things. I can see obvious mistakes in there.
if(!$con) { die('Could not connect: ' . mysql_error()); } mysql_select_db("my_db", $con); $user = mysql_real_escape_string($_POST['user']); //request posted data and sanitise it using mysql_real_escape_string $pass = mysql_real_escape_string($_POST['pass']); $realUser_query = "SELECT Username FROM my_db WHERE Username = '$user'"; // create the query $realUser_result = mysql_query($realUser_query); //execute the query and assign result resource to $realUser_result if(mysql_num_rows($realUser_result) > 0 ) { //if the returned results is more than 0 $usernamerow = mysql_fetch_array($realUser_result); //fetch the returned result to $usernamerow $realUser = $usernamerow['Username']; //assign Username to $realUser } if($user != $realUser) { echo "No Such User"; } else { $realPass_query = "SELECT Password FROM my_db WHERE Username = '$user'"; $realPass_result = mysql_query($realPass_query); if(mysql_num_rows($realPass_result) > 0 ) { $passrow = mysql_fetch_array($realPass_result); $realPass = $passrow['Password']; } if($pass != $realPass) { echo "Incorrect password"; } elseif($pass == $realPass) echo "Welcome!"; }Try this out! I have added comments for you to understand.
I am getting this error.
Warning: mysql_num_rows(): supplied argument is not a valid MySQL result resource in /var/www/home.php on line 23
This corresponds to this line in my code:
$realUser_result = mysql_query($realUser_query); //execute the query and assign result resource to $realUser_result [B]if(mysql_num_rows($realUser_result) > 0 ) { //if the returned results is more than 0[/B] $usernamerow = mysql_fetch_array($realUser_result); //fetch the returned result to $usernamerowOkay! Add echo $realUser_query; before $realUser_result = mysql_query($realUser_query); and tell us what it prints.
SELECT Username FROM my_db WHERE Username = 'willemjr'Okay! The query looks good. Are you sure the table name is correct ? Because I noticed your database and table have the same name! :-/ If it is correct, execute this query in phpmyadmin or mysql console and see if it throws any error!
the database name should be my_db and the table should be Users. Did I mess that up??
Ah! :'( Yes !!!
where am I putting the table name then? haha thanks a lot for the help by the way. I'm not really even doing this for anything, just trying to learn.
In all the queries, change my_db to user. :) Then I guess it should work fine!
I got it, thank you so much man. I'm gonna have to go over the code so I can understand all the changes, but I really do appreciate the help!
You are welcome! Glad I could help :) Cheers!
We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.
